package com.panshi.config;

import com.panshi.modules.shiro.UserRealm;
import com.panshi.modules.system.bean.BeiSysUser;
import com.panshi.modules.system.util.PiceaFilter;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.filter.DelegatingFilterProxy;

import javax.servlet.Filter;
import javax.validation.groups.ConvertGroup;
import java.util.Arrays;
import java.util.LinkedHashMap;
import java.util.Map;

/**
 * @author :jiege
 * @description :
 * @create :2020-08-05 16:46:00
 */

@Configuration
public class ShiroConfig {
    //三大核心对象
    //ShiroFilterFactoryBean 第三部创建 ShiroFilterFactoryBean
    @Bean
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Qualifier("securityManager") DefaultWebSecurityManager securityManager){
        ShiroFilterFactoryBean bean= new ShiroFilterFactoryBean();
        //必须设置 SecurityManager,Shiro的核心安全接口
        bean.setSecurityManager(securityManager);

        //添加shiro的内置过滤器
        /**
         * anon 无需认证就可以访问
         * authc 必须认证了才能访问
         * user 必须拥有记住我 功能才能用
         * perms 拥有对某个资源的权限才能访问
         * role 拥有某个角色权限才能访问
         */
        //登入拦截
        Map<String,String> filter=new LinkedHashMap<>();
        filter.put("/","anon");
        filter.put("/login","anon");
        filter.put("/sysuser/kaptcha","anon");
        filter.put("/swagger-ui.html", "anon");
        filter.put("/swagger-resources", "anon");
        filter.put("/v2/api-docs", "anon");
        filter.put("/webjars/springfox-swagger-ui/**", "anon");
        filter.put("/*","authc");//
        bean.setFilterChainDefinitionMap(filter);

        //这里的/login是后台的接口名,非页面，如果不设置默认会自动寻找Web工程根目录下的"/login.jsp"页面
        bean.setLoginUrl("/");
        //这里的/index是后台的接口名,非页面,登录成功后要跳转的链接
        bean.setSuccessUrl("/index");
        //设置未授权的请求
        bean.setUnauthorizedUrl("/unauth");
        return  bean;
    }

    //DafaultWebSecurityManager 第二部创建DafaultWebSecurityManager
    @Bean(name="securityManager")
    public DefaultWebSecurityManager getDefaultWebSecurityManager(@Qualifier("getUserRealm") UserRealm userRealm){
        DefaultWebSecurityManager securityManager= new DefaultWebSecurityManager();
        //关联UserRealm
        securityManager.setRealm(userRealm);
        return securityManager;
    }

    //创建realm 对象 需要自定义类 第一步先创建 realm
    @Bean
    public UserRealm getUserRealm(){
        return new UserRealm();
    }

    /*
    解决springcloud
     */
    @Bean
    public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
        DefaultAdvisorAutoProxyCreator creator = new DefaultAdvisorAutoProxyCreator();
        creator.setProxyTargetClass(true);
        return creator;
    }




}
